package com.lwy.security;


import com.lwy.dao.BookUserMapper;
import com.lwy.entity.BookUser;
import com.lwy.entity.MyBookUser;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

@Component(value = "rbacConfig")
public class RbacConfig {

    @Resource
    private BookUserMapper bookUserMapper;


    public boolean hasPermission(HttpServletRequest request, Authentication authentication){
        Object principal = authentication.getPrincipal();
        System.out.println(principal);



        if("anonymousUser".equals(principal)){
            return false;
        }else{
            MyBookUser myUserInfo = (MyBookUser) principal;
            String uri = request.getRequestURI();


            BookUser bookUser = bookUserMapper.selectAll(myUserInfo.getUsername());

            if(uri.contains(".ico")){
                return true;
            }
            if(myUserInfo.getUsername().equals("游客")){
                return true;
            }
            if(myUserInfo.getUsername().equals(bookUser.getUsername())){
               return true;
            }else{
                return false;
            }
        }
    }

}
